/*******************************************************************************
 * Copyright (c) 2005, 2014 springside.github.io
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 *******************************************************************************/
package com.njmd.mdbs.web.security;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import com.njmd.mdbs.web.entity.sys.SysLogin;
import com.njmd.mdbs.web.service.SysLoginService;

public class UserRealm extends AuthorizingRealm
{

	@Autowired
	private SysLoginService sysLoginService;

	/**
	 * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用.
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)
	{
		String username = (String) principals.getPrimaryPrincipal();
		try
		{
			SysLogin user = sysLoginService.findByLoginName(username);
			SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

			authorizationInfo.setRoles(null);
			authorizationInfo.setStringPermissions(sysLoginService.findPermissionsByLogin(user));

			return authorizationInfo;
		}
		catch (Exception e)
		{
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		return null;

	}

	/**
	 * 认证回调函数,登录时调用.
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException
	{
		String username = (String) token.getPrincipal();

		try
		{
			SysLogin user = sysLoginService.findByLoginName(username);
			if (user == null)
			{
				throw new UnknownAccountException();// 没找到帐号
			}

			if (Integer.valueOf(0).equals(user.getStatus()))
			{
				throw new LockedAccountException(); // 帐号锁定
			}

			// 交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配
			SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(new LoginToken(user), user.getLoginPwd(), ByteSource.Util.bytes(user
					.getCredentialsSalt()), getName());
			return authenticationInfo;
		}
		catch (Exception e)
		{
			e.printStackTrace();
			throw new UnknownAccountException();// 没找到帐号
		}
	}

	@Override
	public void clearCachedAuthorizationInfo(PrincipalCollection principals)
	{
		super.clearCachedAuthorizationInfo(principals);
	}

	@Override
	public void clearCachedAuthenticationInfo(PrincipalCollection principals)
	{
		super.clearCachedAuthenticationInfo(principals);
	}

	@Override
	public void clearCache(PrincipalCollection principals)
	{
		super.clearCache(principals);
	}

	public void clearAllCachedAuthorizationInfo()
	{
		getAuthorizationCache().clear();
	}

	public void clearAllCachedAuthenticationInfo()
	{
		getAuthenticationCache().clear();
	}

	public void clearAllCache()
	{
		clearAllCachedAuthenticationInfo();
		clearAllCachedAuthorizationInfo();
	}
}
